Secure Modular Authentication Systems Based on Conventional XOR Biometrics

Abstract

This paper presents an approach to designing secure modular authentication system based on conventional XOR biometrics. System consists of one or more clients, an authentication server and a trusted storage. Client is a device used to capture biometrics, obtain auxiliary data and create encrypted cancelable templates during the enrolment and verification phases. Authentication server manages encryption keys and verifies cancelable templates, while the trusted storage, which can be either distributed or centralized, stores the encrypted templates. Two important characteristics of the proposed system are that it keeps biometric templates encrypted or cancelable during all stages of storage, transmission and verification, and that it does not suffer from severe computational costs and large sizes of encrypted templates like systems based on homomorphic encryption. Additionally, system is general (i.e., it does do not depend on specific cryptographic algorithms) and modular, which allows a user enrolled on one client to verify his identity on another client connected to the same authentication server. Finally, security of the system is compared with the requirements of a cryptographically secured biometric system that provides strong privacy protection.